Reverse DNS proxy
Have a slow nameserver and want to spice things up? How about a reverse DNS proxy? For lack of a cool name I chose the name FunkenShield. It’s (of course) in the early stages, but it works quite nicely already.
This is done with the framework of FunkenSturm. Which is part of GoDNS.
How it works:⌗
You place FunkenShield in front of your nameserver and it will cache the binary packets coming from your server in a local cache.
It is written in Go, and the beauty of it is that Go compiles to static executables, so I can give you (or you can compile it yourself) the exe and you can experiment with it yourself.
Some numbers⌗
GoDNS is a library that helps you create DNS software. In this library some example programs are included, among other, a simple nameserver. Currently this nameserver works with 1 zone, namely “miek.nl”. If you run it, it defaults to listening on port 8053:
% ./ns # start the nameserver
<other terminal>
% dig @127.0.0.1 -p 8053 mx miek.nl
<snip>
;; QUESTION SECTION:
;miek.nl. IN MX
;; ANSWER SECTION:
miek.nl. 345600 IN MX 20 mail.atoom.net.
miek.nl. 345600 IN MX 40 mx-ext.tjeb.nl.
;; AUTHORITY SECTION:
<snip>
;; ADDITIONAL SECTION:
miek.nl. 0 IN TXT "Proudly served by Go: http://www.golang.org"
So that works. But how fast is it? This queryperf asks two questions: “A a.miek.nl” and “AAAA a.miek.nl”:
% ./queryperf -d data -s 127.0.0.1 -p 8053 -l 10
<snip>
Queries per second: 3079.260741 qps
Hmmm, only about 3000. Lets spice things up a bit and utilize Go’s multicore features:
% GOMAXPROCS=20 ./ns
% ./queryperf -d data -s 127.0.0.1 -p 8053 -l 10
Queries per second: 7124.942077 qps
More than doubled. Nice, but still nothing to make NSD afraid.
Enter FunkenShield
We run FunkenShield on port 8054, and allow it to have a multitude of goroutines. Note: “./ns” is still running. If FunkenShield has a cache miss it still needs to ask the nameserver.
% cd _examples/funkensturm && make -f Makefile_rproxy
% GOMAXPROCS=20 ./funkensturm -rserver 127.0.0.1:8053 -sserver 127.0.0.1:8054
% ./queryperf -d data -s 127.0.0.1 -p 8054 -l 10 # port = 8054!
Queries per second: 27506.219188 qps
W00t!
27506 qps.
27000+ qps is not bad for a nameserver.